BE-445: Document admin API and disable bulk endpoints in production

[TimDiekmann]

🌟 What is the purpose of this PR?

Documents the Graph Admin API (both rustdoc and Notion runbook) and disables bulk destructive endpoints when JWT is configured (production/staging).

🔗 Related links

• BE-445 (internal)
• Graph Admin API Runbook (internal)

🔍 What does this change?

• Disable bulk endpoints in production: /snapshot, /accounts, /data-types, /property-types, /entity-types are only registered when JWT is not configured. In production/staging (JWT enabled), only /health and /entities/delete are available.
• Add module-level rustdoc: Endpoint table with methods, paths, auth requirements, and availability. Authentication flow documentation. Link to the Notion operational runbook.
• Add handler-level doc comments: Each admin endpoint handler now has a doc comment describing what it does and its availability.
• Fix terminology: Replace "dev mode" with "JWT not configured" throughout.
• Notion runbook: Created Graph Admin API page in Eng Processes with access instructions, prerequisites, and environment URLs.

Pre-Merge Checklist 🚀

🚢 Has this modified a publishable library?

This PR:

• does not modify any publishable blocks or libraries, or modifications do not need publishing

📜 Does this require a change to the docs?

The changes in this PR:

• are internal and do not require a docs change

🕸️ Does this require a change to the Turbo Graph?

The changes in this PR:

• do not affect the execution graph

🐾 Next steps

• Production URL once SRE-575 is complete

🛡 What tests cover this?

• Documentation-only and route registration changes — no new runtime behaviour to test

❓ How to test this?

1. cargo doc --no-deps --all-features --package hash-graph-api — verify rustdoc renders correctly
2. Review the Notion runbook for accuracy

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
hash	Ready	Preview, Comment	Mar 12, 2026 5:09pm
petrinaut	Ready	Preview, Comment	Mar 12, 2026 5:09pm

2 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
hashdotdesign	Ignored	Preview	Mar 12, 2026 5:09pm
hashdotdesign-tokens	Ignored	Preview	Mar 12, 2026 5:09pm

[cursor]

PR Summary

Medium Risk
Changes admin-server authentication/boot behavior and which destructive admin endpoints are exposed, which is security-sensitive and could affect ops if misconfigured. Risk is mitigated by refusing to start without JWT or an explicit unsafe dev flag and by disabling bulk endpoints when JWT is enabled.

Overview
Hardens the Graph Admin API so bulk destructive operations are not available when running with JWT (prod/staging). Only /health and /entities/delete remain registered in JWT mode; /snapshot and the bulk delete endpoints are now registered only when running without JWT.

Adds an explicit --unsafe-allow-dev-authentication/HASH_GRAPH_UNSAFE_DEV_AUTH switch for local development: without JWT the server now refuses to start unless this flag is set, and the flag is rejected if JWT config is present. Expands rustdoc/handler docs and adds examples for DeleteEntitiesParams to clarify endpoint behavior and auth expectations.

^{Written by Cursor Bugbot for commit 7f407e7. This will update automatically on new commits. Configure here.}

[augmentcode]

🤖 Augment PR Summary

Summary: Documents and hardens the Graph Admin API by clarifying routes/auth and preventing bulk destructive operations in JWT-enabled environments.

Changes:

• Expanded module-level rustdoc with an endpoint table, authentication flow, and an operational runbook link
• Updated admin router registration so bulk destructive endpoints are only exposed when JWT is not configured
• Kept /health always available and /entities/delete always available with provenance via JWT email claim (or header fallback when JWT is not configured)

Operational Notes: In production/staging (JWT enabled), only /health and /entities/delete remain accessible on the admin port.

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. 1 suggestions posted.

Comment augment review to trigger a new review at any time.

[codecov]

Codecov Report

❌ Patch coverage is 0% with 8 lines in your changes missing coverage. Please review.
✅ Project coverage is 62.65%. Comparing base (36b80f7) to head (7f407e7).
⚠️ Report is 22 commits behind head on main.

Files with missing lines	Patch %	Lines
libs/@local/graph/api/src/rest/admin.rs	0.00%	8 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #8507      +/-   ##
==========================================
- Coverage   62.74%   62.65%   -0.10%     
==========================================
  Files        1311     1312       +1     
  Lines      133480   133690     +210     
  Branches     5510     5510              
==========================================
+ Hits        83756    83760       +4     
- Misses      48810    49016     +206     
  Partials      914      914              

Flag	Coverage Δ
apps.hash-ai-worker-ts	1.40% <ø> (ø)
apps.hash-api	0.00% <ø> (ø)
local.hash-graph-sdk	7.73% <ø> (ø)
local.hash-isomorphic-utils	0.00% <ø> (ø)
rust.hash-graph-api	2.64% <0.00%> (-0.14%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[codspeed-hq]

Merging this PR will not alter performance

✅ 80 untouched benchmarks

---

_{Comparing t/be-445-admin-api-documentation-runbook (7f407e7) with main (07c2523)}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[github-actions]

Benchmark results

@rust/hash-graph-benches – Integrations

policy_resolution_large

Function	Value	Mean	Flame graphs
resolve_policies_for_actor	user: empty, selectivity: high, policies: 2002	$$29.1 \mathrm{ms} \pm 181 \mathrm{μs}\left({\color{gray}1.99 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: low, policies: 1	$$3.84 \mathrm{ms} \pm 24.2 \mathrm{μs}\left({\color{red}6.95 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: medium, policies: 1001	$$14.2 \mathrm{ms} \pm 82.1 \mathrm{μs}\left({\color{gray}4.59 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: high, policies: 3314	$$46.9 \mathrm{ms} \pm 303 \mathrm{μs}\left({\color{gray}3.03 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: low, policies: 1	$$17.1 \mathrm{ms} \pm 159 \mathrm{μs}\left({\color{red}7.67 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: medium, policies: 1526	$$26.7 \mathrm{ms} \pm 200 \mathrm{μs}\left({\color{gray}3.02 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: high, policies: 2078	$$30.2 \mathrm{ms} \pm 227 \mathrm{μs}\left({\color{gray}3.07 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: low, policies: 1	$$4.09 \mathrm{ms} \pm 25.3 \mathrm{μs}\left({\color{gray}4.76 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: medium, policies: 1033	$$15.5 \mathrm{ms} \pm 105 \mathrm{μs}\left({\color{red}6.97 \mathrm{\%}}\right) $$	Flame Graph

policy_resolution_medium

Function	Value	Mean	Flame graphs
resolve_policies_for_actor	user: empty, selectivity: high, policies: 102	$$3.95 \mathrm{ms} \pm 24.5 \mathrm{μs}\left({\color{gray}-2.571 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: low, policies: 1	$$3.12 \mathrm{ms} \pm 13.1 \mathrm{μs}\left({\color{gray}-0.788 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: medium, policies: 51	$$3.53 \mathrm{ms} \pm 24.0 \mathrm{μs}\left({\color{gray}-1.043 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: high, policies: 269	$$5.47 \mathrm{ms} \pm 40.5 \mathrm{μs}\left({\color{gray}0.351 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: low, policies: 1	$$3.77 \mathrm{ms} \pm 21.8 \mathrm{μs}\left({\color{gray}-0.400 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: medium, policies: 107	$$4.38 \mathrm{ms} \pm 32.3 \mathrm{μs}\left({\color{gray}-0.163 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: high, policies: 133	$$4.85 \mathrm{ms} \pm 37.3 \mathrm{μs}\left({\color{gray}3.33 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: low, policies: 1	$$3.60 \mathrm{ms} \pm 20.8 \mathrm{μs}\left({\color{gray}-0.358 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: medium, policies: 63	$$4.28 \mathrm{ms} \pm 25.1 \mathrm{μs}\left({\color{gray}-1.871 \mathrm{\%}}\right) $$	Flame Graph

policy_resolution_none

Function	Value	Mean	Flame graphs
resolve_policies_for_actor	user: empty, selectivity: high, policies: 2	$$3.09 \mathrm{ms} \pm 21.5 \mathrm{μs}\left({\color{red}7.56 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: low, policies: 1	$$3.00 \mathrm{ms} \pm 18.8 \mathrm{μs}\left({\color{red}7.15 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: medium, policies: 1	$$3.16 \mathrm{ms} \pm 19.0 \mathrm{μs}\left({\color{red}8.27 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: high, policies: 8	$$3.46 \mathrm{ms} \pm 23.8 \mathrm{μs}\left({\color{red}7.92 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: low, policies: 1	$$3.25 \mathrm{ms} \pm 22.3 \mathrm{μs}\left({\color{red}8.38 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: medium, policies: 3	$$3.52 \mathrm{ms} \pm 20.4 \mathrm{μs}\left({\color{red}6.88 \mathrm{\%}}\right) $$	Flame Graph

policy_resolution_small

Function	Value	Mean	Flame graphs
resolve_policies_for_actor	user: empty, selectivity: high, policies: 52	$$3.25 \mathrm{ms} \pm 17.6 \mathrm{μs}\left({\color{gray}-0.299 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: low, policies: 1	$$2.91 \mathrm{ms} \pm 11.5 \mathrm{μs}\left({\color{gray}-2.198 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: empty, selectivity: medium, policies: 25	$$3.09 \mathrm{ms} \pm 16.8 \mathrm{μs}\left({\color{gray}-1.263 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: high, policies: 94	$$3.66 \mathrm{ms} \pm 19.1 \mathrm{μs}\left({\color{gray}-1.545 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: low, policies: 1	$$3.24 \mathrm{ms} \pm 16.2 \mathrm{μs}\left({\color{gray}-0.974 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: seeded, selectivity: medium, policies: 26	$$3.44 \mathrm{ms} \pm 18.0 \mathrm{μs}\left({\color{gray}-1.445 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: high, policies: 66	$$3.56 \mathrm{ms} \pm 19.8 \mathrm{μs}\left({\color{gray}-2.938 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: low, policies: 1	$$3.25 \mathrm{ms} \pm 22.4 \mathrm{μs}\left({\color{gray}0.033 \mathrm{\%}}\right) $$	Flame Graph
resolve_policies_for_actor	user: system, selectivity: medium, policies: 29	$$3.52 \mathrm{ms} \pm 20.3 \mathrm{μs}\left({\color{gray}-0.482 \mathrm{\%}}\right) $$	Flame Graph

read_scaling_complete

Function	Value	Mean	Flame graphs
entity_by_id;one_depth	1 entities	$$44.0 \mathrm{ms} \pm 212 \mathrm{μs}\left({\color{gray}2.16 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;one_depth	10 entities	$$80.2 \mathrm{ms} \pm 475 \mathrm{μs}\left({\color{gray}-1.997 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;one_depth	25 entities	$$48.9 \mathrm{ms} \pm 314 \mathrm{μs}\left({\color{gray}2.84 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;one_depth	5 entities	$$51.0 \mathrm{ms} \pm 322 \mathrm{μs}\left({\color{gray}2.12 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;one_depth	50 entities	$$59.4 \mathrm{ms} \pm 473 \mathrm{μs}\left({\color{gray}1.53 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;two_depth	1 entities	$$45.3 \mathrm{ms} \pm 294 \mathrm{μs}\left({\color{gray}2.78 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;two_depth	10 entities	$$422 \mathrm{ms} \pm 914 \mathrm{μs}\left({\color{gray}-0.433 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;two_depth	25 entities	$$101 \mathrm{ms} \pm 520 \mathrm{μs}\left({\color{gray}0.054 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;two_depth	5 entities	$$89.6 \mathrm{ms} \pm 528 \mathrm{μs}\left({\color{gray}0.384 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;two_depth	50 entities	$$326 \mathrm{ms} \pm 1.38 \mathrm{ms}\left({\color{gray}0.754 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;zero_depth	1 entities	$$16.7 \mathrm{ms} \pm 98.8 \mathrm{μs}\left({\color{gray}0.045 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;zero_depth	10 entities	$$16.8 \mathrm{ms} \pm 92.4 \mathrm{μs}\left({\color{gray}2.54 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;zero_depth	25 entities	$$17.4 \mathrm{ms} \pm 125 \mathrm{μs}\left({\color{red}5.81 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;zero_depth	5 entities	$$16.8 \mathrm{ms} \pm 87.9 \mathrm{μs}\left({\color{gray}2.35 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id;zero_depth	50 entities	$$20.1 \mathrm{ms} \pm 108 \mathrm{μs}\left({\color{gray}4.09 \mathrm{\%}}\right) $$	Flame Graph

read_scaling_linkless

Function	Value	Mean	Flame graphs
entity_by_id	1 entities	$$16.8 \mathrm{ms} \pm 115 \mathrm{μs}\left({\color{red}5.89 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	10 entities	$$16.7 \mathrm{ms} \pm 89.3 \mathrm{μs}\left({\color{gray}4.46 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	100 entities	$$16.6 \mathrm{ms} \pm 90.5 \mathrm{μs}\left({\color{gray}4.07 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	1000 entities	$$17.2 \mathrm{ms} \pm 87.5 \mathrm{μs}\left({\color{gray}2.40 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	10000 entities	$$25.1 \mathrm{ms} \pm 189 \mathrm{μs}\left({\color{gray}3.04 \mathrm{\%}}\right) $$	Flame Graph

representative_read_entity

Function	Value	Mean	Flame graphs
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/block/v/1	$$32.3 \mathrm{ms} \pm 347 \mathrm{μs}\left({\color{red}6.18 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/book/v/1	$$32.3 \mathrm{ms} \pm 279 \mathrm{μs}\left({\color{red}5.09 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/building/v/1	$$34.1 \mathrm{ms} \pm 367 \mathrm{μs}\left({\color{red}9.31 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/organization/v/1	$$31.7 \mathrm{ms} \pm 310 \mathrm{μs}\left({\color{gray}0.274 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/page/v/2	$$32.9 \mathrm{ms} \pm 286 \mathrm{μs}\left({\color{red}9.72 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/person/v/1	$$31.3 \mathrm{ms} \pm 288 \mathrm{μs}\left({\color{gray}1.60 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/playlist/v/1	$$32.1 \mathrm{ms} \pm 358 \mathrm{μs}\left({\color{gray}1.30 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/song/v/1	$$31.4 \mathrm{ms} \pm 305 \mathrm{μs}\left({\color{gray}3.94 \mathrm{\%}}\right) $$	Flame Graph
entity_by_id	entity type ID: https://blockprotocol.org/@alice/types/entity-type/uk-address/v/1	$$33.1 \mathrm{ms} \pm 364 \mathrm{μs}\left({\color{red}9.78 \mathrm{\%}}\right) $$	Flame Graph

representative_read_entity_type

Function	Value	Mean	Flame graphs
get_entity_type_by_id	Account ID: bf5a9ef5-dc3b-43cf-a291-6210c0321eba	$$8.96 \mathrm{ms} \pm 57.9 \mathrm{μs}\left({\color{gray}2.03 \mathrm{\%}}\right) $$	Flame Graph

representative_read_multiple_entities

Function	Value	Mean	Flame graphs
entity_by_property	traversal_paths=0	0	$$94.3 \mathrm{ms} \pm 472 \mathrm{μs}\left({\color{gray}3.17 \mathrm{\%}}\right) $$
entity_by_property	traversal_paths=255	1,resolve_depths=inherit:1;values:255;properties:255;links:127;link_dests:126;type:true	$$151 \mathrm{ms} \pm 732 \mathrm{μs}\left({\color{gray}3.89 \mathrm{\%}}\right) $$
entity_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:0;properties:0;links:0;link_dests:0;type:false	$$100 \mathrm{ms} \pm 485 \mathrm{μs}\left({\color{gray}2.76 \mathrm{\%}}\right) $$
entity_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:0;properties:0;links:1;link_dests:0;type:true	$$111 \mathrm{ms} \pm 637 \mathrm{μs}\left({\color{gray}4.12 \mathrm{\%}}\right) $$
entity_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:0;properties:2;links:1;link_dests:0;type:true	$$121 \mathrm{ms} \pm 603 \mathrm{μs}\left({\color{gray}4.61 \mathrm{\%}}\right) $$
entity_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:2;properties:2;links:1;link_dests:0;type:true	$$128 \mathrm{ms} \pm 583 \mathrm{μs}\left({\color{red}5.57 \mathrm{\%}}\right) $$
link_by_source_by_property	traversal_paths=0	0	$$91.3 \mathrm{ms} \pm 499 \mathrm{μs}\left({\color{gray}1.18 \mathrm{\%}}\right) $$
link_by_source_by_property	traversal_paths=255	1,resolve_depths=inherit:1;values:255;properties:255;links:127;link_dests:126;type:true	$$122 \mathrm{ms} \pm 543 \mathrm{μs}\left({\color{gray}4.96 \mathrm{\%}}\right) $$
link_by_source_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:0;properties:0;links:0;link_dests:0;type:false	$$98.9 \mathrm{ms} \pm 478 \mathrm{μs}\left({\color{gray}1.37 \mathrm{\%}}\right) $$
link_by_source_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:0;properties:0;links:1;link_dests:0;type:true	$$108 \mathrm{ms} \pm 428 \mathrm{μs}\left({\color{gray}-1.249 \mathrm{\%}}\right) $$
link_by_source_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:0;properties:2;links:1;link_dests:0;type:true	$$112 \mathrm{ms} \pm 508 \mathrm{μs}\left({\color{gray}-1.395 \mathrm{\%}}\right) $$
link_by_source_by_property	traversal_paths=2	1,resolve_depths=inherit:0;values:2;properties:2;links:1;link_dests:0;type:true	$$109 \mathrm{ms} \pm 539 \mathrm{μs}\left({\color{gray}0.883 \mathrm{\%}}\right) $$

scenarios

Function	Value	Mean	Flame graphs
full_test	query-limited	$$136 \mathrm{ms} \pm 541 \mathrm{μs}\left({\color{gray}3.34 \mathrm{\%}}\right) $$	Flame Graph
full_test	query-unlimited	$$133 \mathrm{ms} \pm 443 \mathrm{μs}\left({\color{gray}-1.990 \mathrm{\%}}\right) $$	Flame Graph
linked_queries	query-limited	$$105 \mathrm{ms} \pm 452 \mathrm{μs}\left({\color{gray}-2.458 \mathrm{\%}}\right) $$	Flame Graph
linked_queries	query-unlimited	$$592 \mathrm{ms} \pm 824 \mathrm{μs}\left({\color{gray}-0.016 \mathrm{\%}}\right) $$	Flame Graph